#!/bin/bash
#
# SPDX-License-Identifier: Apache-2.0
#
# Copyright (C) 2019 Intel Corporation
#
# Copyright (c) 2021 Wind River Systems, Inc.
#
# lib/config
# Functions to control the configuration and operation of stx-config

# Dependencies:
#
# - ``functions`` file
# - ``DEST``, ``DATA_DIR``, ``STACK_USER`` must be defined

# - The update and fault plugins must be enabled

# ``stack.sh`` calls the entry points in this order:
#
# - install_config
# - configure_config
# - init_config
# - start_config
# - stop_config
# - cleanup_config

_XTRACE_STX_CONFIG=$(set +o | grep xtrace)
set -o xtrace


# Defaults
# --------

STX_CONFIG_DIR=${GITDIR[$STX_CONFIG_NAME]}
STX_SYSCONFDIR=${STX_SYSCONFDIR:-/etc}

# Set up GITDIR so setup_lib and setup_dev_lib work properly
GITDIR["cgts-client"]=$STX_CONFIG_DIR/sysinv/cgts-client/cgts-client

STX_CTRL_CONF_DIR=$STX_CONFIG_DIR/controllerconfig/controllerconfig

SYSINV_DIR=$STX_CONFIG_DIR/sysinv/sysinv/sysinv
SYSINV_AGENT_DIR=$STX_CONFIG_DIR/sysinv/sysinv-agent

SYSINV_CONF_DIR=$STX_SYSCONFDIR/sysinv
SYSINV_CONF_FILE=$SYSINV_CONF_DIR/sysinv.conf

SYSINV_SERVICE_PROTOCOL=${SYSINV_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
SYSINV_SERVICE_PORT=${SYSINV_SERVICE_PORT:-6385}
SYSINV_SERVICE_HOST=${SYSINV_SERVICE_HOST:-$SERVICE_HOST}
SYSINV_ETC_GOENABLEDD=/etc/goenabled.d
SYSINV_API_PASTE_INI=$SYSINV_CONF_DIR/api-paste.ini
SYSINV_ETC_MOTDD=/etc/motd.d
SYSINV_API_PORT=$SYSINV_SERVICE_PORT
SYSINV_AUTH_STRATEGY=${SYSINV_AUTH_STRATEGY:-keystone}
SYSINV_AUTH_CACHE_DIR=${SYSINV_AUTH_CACHE_DIR:-/var/cache/sysinv}

# STX_INST_DIR should be a non-root-writable place to install build artifacts
STX_INST_DIR=${STX_INST_DIR:-/usr/local}
STX_BIN_DIR=${STX_BIN_DIR:-$STX_INST_DIR/bin}
STX_SBIN_DIR=${STX_SBIN_DIR:-$STX_INST_DIR/sbin}

# Set up so we don't use sudo for installs when not necessary
STX_SUDO="sudo"
[[ -w $STX_INST_DIR ]] && STX_SUDO="env"

PYTHON_SITE_DIR=$(python -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")

STX_OCF_ROOT=${STX_OCF_ROOT:-/usr/lib/ocf}

# Functions
# ---------

function check_sysinv_services {
    local stx_services="sysinv-api sysinv-cond sysinv-agent"
    local service
    for service in $stx_services; do
        if [[is_service_enabled $service && $SYSTEMCTL is-enabled devstack@$service.service]]; then
            $SYSTEMCTL status devstack@$service.service --no-pager
        fi
    done
}

function cleanup_cgtsclient {
    pip_uninstall cgtsclient
}

function cleanup_config {
    if is_service_enabled sysinv; then
        cleanup_sysinv
        cleanup_controllerconfig
    fi

    if is_service_enabled cgtsclient; then
        cleanup_cgtsclient
    fi
}

function cleanup_controllerconfig {
    pip_uninstall controllerconfig

    sudo rm -f /etc/bash_completion.d/system.bash_completion
}

function cleanup_sysinv {
    stop_sysinv
    pip_uninstall sysinv

    sudo rm -f $SYSINV_ETC_GOENABLEDD/sysinv_goenabled_check.sh
    sudo rm -f $SYSINV_CONF_DIR/policy.json
    sudo rm -f $SYSINV_ETC_MOTDD/10-system
    sudo rm -f $SYSINV_CONF_DIR/upgrades/delete_load.sh
    sudo rm -f $STX_OCF_ROOT/resource.d/platform/sysinv-api
    sudo rm -f $STX_OCF_ROOT/resource.d/platform/sysinv-conductor
    sudo rm -f $STX_SYSCONFDIR/systemd/system/sysinv-api.service
    sudo rm -f $STX_SYSCONFDIR/systemd/system/sysinv-conductor.service
    sudo rm -f $STX_BIN_DIR/partition_info.sh
    sudo rm -f $STX_BIN_DIR/manage-partitions
    sudo rm -f $STX_BIN_DIR/query_pci_id

    sudo rm -rf $SYSINV_AUTHO_CACHE_DIR $SYSINV_CONF_DIR
}

function configure_config {
    if is_service_enabled sysinv; then
        configure_sysinv
        create_sysinv_user_group
        create_sysinv_accounts
    fi
}

function configure_sysinv {
    sudo install -d -o $STACK_USER $SYSINV_CONF_DIR
    cp $SYSINV_DIR/etc/sysinv/sysinv.conf.sample $SYSINV_CONF_FILE
    iniset $SYSINV_CONF_FILE DEFAULT MTC_INV_LABLE /v1/hosts/
    iniset $SYSINV_CONF_FILE DEFAULT sysinv_api_port $SYSINV_API_PORT
    iniset $SYSINV_CONF_FILE DEFAULT use_syslog True
    iniset $SYSINV_CONF_FILE DEFAULT rabbit_host $RABBIT_HOST
    iniset $SYSINV_CONF_FILE DEFAULT rabbit_hosts $RABBIT_HOST:5672
    iniset $SYSINV_CONF_FILE DEFAULT rabbit_port 5672
    iniset $SYSINV_CONF_FILE DEFAULT verbose True
    iniset $SYSINV_CONF_FILE DEFAULT sysinv_api_bind_ip $HOST_IP
    iniset $SYSINV_CONF_FILE DEFAULT auth_strategy $SYSINV_AUTH_STRATEGY
    iniset $SYSINV_CONF_FILE DEFAULT control_exchange openstack
    iniset $SYSINV_CONF_FILE DEFAULT rabbit_userid $RABBIT_USERID
    iniset $SYSINV_CONF_FILE DEFAULT rabbit_virtual_host /
    iniset $SYSINV_CONF_FILE DEFAULT  api_paste_config $CINDER_API_PASTE_INI
    iniset $SYSINV_CONF_FILE DEFAULT  debug True
    iniset $SYSINV_CONF_FILE DEFAULT  rabbit_password $RABBIT_PASSWORD
    # transport_url is not in config files, so we don't need call iniset_rpc_backend
    # iniset_rpc_backend sysinv $SYSINV_CONF_FILE
    iniset $SYSINV_CONF_FILE DEFAULT rabbit_ha_queues False
    setup_logging $SYSINV_CONF_FILE
    configure_auth_token_middleware $SYSINV_CONF_FILE sysinv $SYSINV_AUTH_CACHE_DIR/api
    iniset $SYSINV_CONF_FILE database connection `database_connection_url sysinv`
}

function create_sysinv_accounts {
    get_or_create_service "sysinv" "platform" "SysInv services"
    create_service_user "sysinv" "admin"
    sysinv_api_url="$SYSINV_SERVICE_PROTOCOL://$SYSINV_SERVICE_HOST:$SYSINV_SERVICE_PORT"
    get_or_create_endpoint \
    "sysinv" \
    "$REGION_NAME" \
    "$sysinv_api_url/v1"
}

# create_sysinv_cache_dir() - Part of the init_sysinv() process
function create_sysinv_cache_dir {
    # Create cache dir
    sudo mkdir -p $SYSINV_AUTH_CACHE_DIR/api
    sudo chown $STACK_USER $SYSINV_AUTH_CACHE_DIR/api
    rm -f $SYSINV_AUTH_CACHE_DIR/api/*
    sudo mkdir -p $SYSINV_AUTH_CACHE_DIR/registry
    sudo chown $STACK_USER $SYSINV_AUTH_CACHE_DIR/registry
    rm -f $SYSINV_AUTH_CACHE_DIR/registry/*
}

function create_sysinv_user_group {
    if ! getent group sysinv  >/dev/null; then
        sudo groupadd sysinv
    fi
    if ! getent passwd sysinv >/dev/null; then
        sudo mkdir -p /home/sysinv
        sudo useradd -g sysinv -s /bin/bash -d /home/sysinv -m sysinv
        echo "Giving user sysinv passwordless sudo privileges"
        # UEC images ``/etc/sudoers`` does not have a ``#includedir``, add one
        sudo grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers ||
        sudo echo "#includedir /etc/sudoers.d" >> /etc/sudoers
        # Set up DevStack sudoers
        TEMPFILE=`mktemp`
        echo "sysinv ALL=(root) NOPASSWD:ALL" >$TEMPFILE
        # Some binaries might be under ``/sbin`` or ``/usr/sbin``, so make sure sudo will
        # see them by forcing ``PATH``
        echo "Defaults:sysinv secure_path=/sbin:/usr/sbin:/usr/bin:/bin:/usr/local/sbin:/usr/local/bin" >> $TEMPFILE
        echo "Defaults:sysinv !requiretty" >> $TEMPFILE
        chmod 0440 $TEMPFILE
        sudo chown root:root $TEMPFILE
        sudo mv $TEMPFILE /etc/sudoers.d/60_sysinv_sh
    fi
}

function init_config {
    if is_service_enabled sysinv; then
        # Migrations need this
        sudo install -d -m 755 -o ${USER} /var/run/sysinv
        if [[ "$HOST_TOPOLOGY_ROLE" != "subnode" ]]; then
            # (Re)create  sysinv database
            echo "recreate_database sysinv and dbsync"
            recreate_database sysinv
            $STX_BIN_DIR/sysinv-dbsync --config-file=$SYSINV_CONF_FILE
        fi
        create_sysinv_cache_dir
    fi
}

function install_cgtsclient {
    setup_dev_lib "cgts-client"
    sudo install -D -m 0644 -o $STACK_USER {${GITDIR["cgts-client"]}/tools/,/etc/bash_completion.d/}system.bash_completion
}

function install_config {
    if is_service_enabled cgtsclient; then
        install_cgtsclient
    fi
    if is_service_enabled sysinv; then
        install_controllerconfig
        install_sysinv
    fi
    if is_service_enabled sysinv-agent; then
        install_sysinv_agent
    fi
}

function install_controllerconfig {
    # This is a hack to work around the lack of proper global-requirements
    # setup in these packages
    pip_install pycrypto

    # We can't use setup_develop as there is no setup.cfg file present for controllerconfig
    setup_package $STX_CTRL_CONF_DIR -e
}

function install_sysinv {
    setup_develop $SYSINV_DIR
    sudo install -d -m 755 $SYSINV_ETC_GOENABLEDD
    sudo install -p -D -m 755 $SYSINV_DIR/etc/sysinv/sysinv_goenabled_check.sh $SYSINV_ETC_GOENABLEDD/sysinv_goenabled_check.sh
    sudo install -d -m 755  $SYSINV_CONF_DIR
    sudo install -p -D -m 755 $SYSINV_DIR/etc/sysinv/policy.json $SYSINV_CONF_DIR/policy.json
    sudo install -d -m 755 $SYSINV_ETC_MOTDD
    sudo install -p -D -m 755 $SYSINV_DIR/etc/sysinv/motd-system $SYSINV_ETC_MOTDD/10-system
    sudo install -d -m 755 $SYSINV_CONF_DIR/upgrades
    sudo install -p -D -m 755 $SYSINV_DIR/etc/sysinv/delete_load.sh $SYSINV_CONF_DIR/upgrades/delete_load.sh
    sudo install -p -D -m 755 $SYSINV_DIR/scripts/sysinv-api $STX_OCF_ROOT/resource.d/platform/sysinv-api
    sudo install -p -D -m 755 $SYSINV_DIR/scripts/sysinv-conductor $STX_OCF_ROOT/resource.d/platform/sysinv-conductor
    sudo install -p -D -m 755 $SYSINV_DIR/scripts/sysinv-api.service $STX_SYSCONFDIR/systemd/system/sysinv-api.service
    sudo install -p -D -m 755 $SYSINV_DIR/scripts/sysinv-conductor.service $STX_SYSCONFDIR/systemd/system/sysinv-conductor.service
    sudo install -d -m 755 $STX_BIN_DIR
    sudo install -p -D -m 755 $SYSINV_DIR/sysinv/cmd/partition_info.sh $STX_BIN_DIR/partition_info.sh
    sudo install -p -D -m 755 $SYSINV_DIR/sysinv/cmd/manage-partitions $STX_BIN_DIR/manage-partitions
    sudo install -p -D -m 755 $SYSINV_DIR/sysinv/cmd/query_pci_id $STX_BIN_DIR/query_pci_id
}

function install_sysinv_agent {
    #rename to sysinv-agent.sh to avoid overwrite entry_point of sysinv-agent
    sudo install -p -D -m 755 $SYSINV_AGENT_DIR/sysinv-agent $STX_BIN_DIR/sysinv-agent.sh
}
function start_config {
    if is_service_enabled sysinv; then
        start_sysinv
    fi
}

function start_sysinv {
    if is_service_enabled sysinv-api; then
        start_sysinv_api
    fi
    if is_service_enabled sysinv-cond; then
        start_sysinv_conductor
    fi
    if is_service_enabled sysinv-agent; then
        start_sysinv_agent
    fi
}

function start_sysinv_agent {
    run_process sysinv-agent "$STX_BIN_DIR/sysinv-agent"
}

function start_sysinv_api {
    run_process sysinv-api "$STX_BIN_DIR/sysinv-api --config-file=$SYSINV_CONF_FILE"

    # Get right service port for testing
    local service_port=$SYSINV_SERVICE_PORT
    local service_protocol=$SYSINV_SERVICE_PROTOCOL
    if is_service_enabled tls-proxy; then
        service_port=$SYSINV_SERVICE_PORT
        service_protocol="http"
    fi
    echo "Waiting for sysinv-api ($SERVICE_HOST:$service_port) to start..."
    if ! timeout $SERVICE_TIMEOUT sh -c "while ! wget --no-proxy -q -O- $service_protocol://$SERVICE_HOST:$service_port/; do sleep 1; done"; then
        die $LINENO "sysinv-api did not start"
    fi

    if is_service_enabled tls-proxy; then
        start_tls_proxy sysinv '*' $SYSINV_SERVICE_PORT $SERVICE_HOST $SYSINV_SERVICE_PORT
    fi
}

function start_sysinv_conductor {
    # the 1st will fail
    stop_sysinv_conductor
    run_process sysinv-cond "$STX_BIN_DIR/sysinv-conductor --config-file=$SYSINV_CONF_FILE"
    # TODO: Find a way to check whether the conductor has started.
    # TODO: first run in extra stage will fail, need run second time in test-config
}

function stop_config {
    if is_service_enabled sysinv; then
        stop_sysinv
    fi
}

function stop_sysinv {
    if is_service_enabled sysinv-api; then
        stop_sysinv_api
    fi
    if is_service_enabled sysinv-cond; then
        stop_sysinv_conductor
    fi
    if is_service_enabled sysinv-agent; then
        stop_sysinv_agent
    fi
}

function stop_sysinv_agent {
    stop_process sysinv-agent
}

function stop_sysinv_api {
    stop_process sysinv-api
}

function stop_sysinv_conductor {
    stop_process sysinv-cond
}

$_XTRACE_STX_CONFIG